tarantool / luajit

93%

tarantool/master: 93%

LAST BUILD ON BRANCH skaplun/lj-1369-stackov-invalid-bc

branch: skaplun/lj-1369-stackov-invalid-bc

CHANGE BRANCH

x

Reset

• skaplun/lj-1369-stackov-invalid-bc
• elhimov/gh-4808-display-fast-function-name
• experimental/mremap-always-nomove
• experimental/no-shrink-cdata-fin-table
• experimental/riscv-64
• fckxorg/auto-pr
• fckxorg/fix-argv-handling
• fckxorg/fixup-error-in-finalizer-tests
• fckxorg/generalized-debugger
• fckxorg/gh-5688-cli-for-memprof-parse
• fckxorg/gh-5688-cli-for-memprof-parse-tnt
• fckxorg/gh-6323-fix-curL
• fckxorg/gh-8140-crash-in-allocator
• fckxorg/gh-8594-sysprof-ffunc-crash
• fckxorg/gh-8700-sysprof-parser-refactoring
• fckxorg/integration-testing
• fckxorg/integration-testing-3.0
• fckxorg/lj-1004-fix-flaky
• fckxorg/lj-1004-oom-error-frame
• fckxorg/lj-1117-fuse-loads
• fckxorg/lj-595-fix-clang-build
• fckxorg/lj-624-jloop-snapshot-pc
• fckxorg/lj-690-concat-tail-call
• fckxorg/lj-720-errors-before-stitch
• fckxorg/lj-839-concat-recording
• fckxorg/lj-840-fix-hrefk-optimization
• fckxorg/lj-866-allow-building-with-unwinding-disabled
• fckxorg/lj-913-avoid-assertion-stkov-from-stitched-trace
• fckxorg/lj-946-print-errors-from-gc-fin
• fckxorg/lj-962-error-reporting-on-stack-overflow
• fckxorg/lj-pr-720-errors-before-stitch
• fckxorg/mark-conv-non-weak
• fckxorg/memprof-parser-refactoring
• fckxorg/profile-parsers-refactoring
• fckxorg/profile-parsers-refactoring-WIP
• fckxorg/profile-parsers-refactoring-p1
• fckxorg/sysprof-libunwind
• gdb-fix
• imun/disable-sysprof-tests-for-tarantool
• imun/enable-tarantool-cli-tests-in-lua-Harness
• imun/fix-test-for-tarantool-searchers
• imun/lj-549-make-gcc-7-happy
• imun/lj-802-panic-at-mcode-protfail
• imun/sysprof-ptrace-ffunc-test
• imun/tarantool-master
• imun/tarantool-release-2.10
• imun/tarantool-release-2.11
• ligurio/code-coverage
• ligurio/code-generation-jit.bcsave
• ligurio/enable_test_target
• ligurio/fix-_TARANTOOL
• ligurio/fix-cmake-warnings
• ligurio/fix-gh-actions-warnings
• ligurio/gh-11229-misc.sysprof.report
• ligurio/gh-1181-64bit-non-FAT-Mach-O-object-files
• ligurio/gh-1279-recording-getmetatable
• ligurio/gh-xxxx-close-file-profiler
• ligurio/gh-xxxx-define-unused
• ligurio/gh-xxxx-fix-msg-stop-sysprof
• ligurio/gh-xxxx-fix-stack-checks-in-vararg-calls
• ligurio/gh-xxxx-fix-sysprof-opts-processing
• ligurio/gh-xxxx-set-max-length
• ligurio/gh-xxxx-skip-sysprof-tests
• ligurio/gh-xxxx-spellchecking
• ligurio/gh-xxxx-update-ubsan-supp
• ligurio/lj-1054-incorrect-pc-value-predict_next
• ligurio/lj-1087-vm-handler-call
• ligurio/lj-1168-heap-use-after-free-on-access-to-CTState-finalizer
• ligurio/lj-1168-heap-use-after-free-on-access-to-CTState-finalizer-nointegration
• ligurio/lj-549-fix-embedded-bytecode-loader
• ligurio/lj-611-always-snapshot-functions-for-non-base-frames
• ligurio/lj-720-throw-any-errors-before-stack-changes-in-trace-stitching
• ligurio/lj-736-prevent-loop-in-snap_usedef
• ligurio/lj-865-fix_generation_of_mach-o_object_files
• ligurio/lj-881-fix-concat
• ligurio/skaplun/gh-9656-gcc-asan-build
• ligurio/support-diff-cover
• locker/ci-drop-centos-7-workflow
• mandesero/dlmalloc-instr
• mandesero/dlmalloc-instr-nointegration
• mandesero/lj-10231-ASAN-and-LJ-allocator
• mandesero/lj-3705-turn-off-strcmp-opt-in-debug
• mkokryashkin/integration-testing-2.11
• mkokryashkin/integration-testing-3.0
• mkokryashkin/profile-parsers-refactoring-p2
• mkokryashkin/test
• skaplun/disable-lj-1196-tarantool
• skaplun/ffi-fixes
• skaplun/fix-binary-number-parsing
• skaplun/fix-bit-shift-dualnum
• skaplun/fix-build-dir
• skaplun/fix-ff-select-recording
• skaplun/fix-flake8-7.2.0
• skaplun/fix-flaky-unit-jit-parse
• skaplun/fix-getmetrics-lapi-test
• skaplun/fix-ir-conv
• skaplun/fix-jit-dump-ir-conv-flaky
• skaplun/fix-luajit-tests-centos7
• skaplun/fix-luajit-tests-tablebump
• skaplun/fix-recording-bc-varg-used-in-select
• skaplun/fix-stack-alloc-on-trace
• skaplun/fix-test-complex-double
• skaplun/follow-up-fix-gh-9398-p2
• skaplun/gh-11185-stream-trace-assert
• skaplun/gh-11300-use-perftools-flag
• skaplun/gh-8473-ubsan
• skaplun/gh-8825-mips-ppc-refactoring
• skaplun/gh-9398-more-luajit-tests
• skaplun/gh-9398-more-luajit-tests-p2
• skaplun/gh-no-ticket-codespell-2.3.0-fixes
• skaplun/gh-noticket-codespell-nd
• skaplun/gh-noticket-disable-ecosystem-intergration
• skaplun/gh-noticket-fix-alpine-build
• skaplun/gh-noticket-fix-codespell
• skaplun/gh-noticket-fix-flaky-mips-spare-exit
• skaplun/gh-noticket-fix-flaky-test
• skaplun/gh-noticket-fix-gc-finalizer-pressure
• skaplun/gh-noticket-fix-glibc-versions
• skaplun/gh-noticket-fix-macos-c-tests
• skaplun/gh-noticket-fix-mips64-flaky-test
• skaplun/gh-noticket-justtest-integration
• skaplun/lj-1016-1031-asm-head-side
• skaplun/lj-1025-tsetm-maxslot
• skaplun/lj-1026-arm64-invalid-hrefk-offset-check
• skaplun/lj-1026-fix-ra-hrefk
• skaplun/lj-1028-ldr-fusion-to-ldp-negative-offset
• skaplun/lj-1033-fix-parsing-predict-next
• skaplun/lj-1046-fix-bc-varg-recording
• skaplun/lj-1052-unsink-with-irfl-tab-nomm
• skaplun/lj-1056-arm64-ldp-sdp-misaligned-fusing
• skaplun/lj-1057-arm64-stp-fusing-across-tbar
• skaplun/lj-1062-random-ra
• skaplun/lj-1069-newref-nan-key
• skaplun/lj-1075-arm64-incorrect-ldp-stp-fusion
• skaplun/lj-1079-fix-64-bitshift-folds
• skaplun/lj-1082-min-max-0-commutative
• skaplun/lj-1083-missing-tostring-coercion-in-select
• skaplun/lj-1094-ir-chain-dce
• skaplun/lj-1110-x64-return-dispatch
• skaplun/lj-1114-ffi-pragma-pack
• skaplun/lj-1115-invalid-scev-entry-lower-frame
• skaplun/lj-1116-redzones-checks
• skaplun/lj-1117-loads-fusion
• skaplun/lj-1128-double-ir-newref-on-restore-sunk
• skaplun/lj-1132-bad-snap-refs
• skaplun/lj-1133-fwd-href-hrefk-alias
• skaplun/lj-1134-fix-link-nointegration
• skaplun/lj-1134-hotside-jit-off
• skaplun/lj-1147-fstore-null-meta
• skaplun/lj-1149-g-number-formating
• skaplun/lj-1152-stack-buffer-overflow-on-error
• skaplun/lj-1164-record-meta-concat-varg-pcall
• skaplun/lj-1166-errors-stitching
• skaplun/lj-1169-down-rec-side
• skaplun/lj-1172-debug-handling-ref
• skaplun/lj-1173-frame-limit-lower-frame
• skaplun/lj-1194-abc-hoisting
• skaplun/lj-1196-partial-snap-restore
• skaplun/lj-1203-limit-format-elements
• skaplun/lj-1224-fix-jit-cdata-arith
• skaplun/lj-1226-fix-predict-next
• skaplun/lj-1232-fix-enum-tostring
• skaplun/lj-1234-err-in-record-concat
• skaplun/lj-1244-missing-phi-carg
• skaplun/lj-1247-fin-tab-rehashing-on-trace
• skaplun/lj-1248-close-state-early-OOM
• skaplun/lj-1249-loadfile-fd-leak
• skaplun/lj-1252-missing-bit64-coercion
• skaplun/lj-1262-fix-limit-narrow-conv-backprop
• skaplun/lj-1295-bad-renames-for-sunk-values
• skaplun/lj-1298-oom-on-concat-recording
• skaplun/lj-1329-getfenv-setfenv-negative
• skaplun/lj-1345-flushing-trace-twice
• skaplun/lj-1353-loadfile-err-use-after-free
• skaplun/lj-1358-jslot-overflow-uprecursion
• skaplun/lj-1359-bad-pc-on-snap-restore-stackov
• skaplun/lj-1360-dangling-ctype-ref-on-ccall
• skaplun/lj-1376-undefined-mul-test-flag
• skaplun/lj-382-clear-stack-after-jit-status
• skaplun/lj-522-fix-dlerror-return-null
• skaplun/lj-567-1176-print-nyi-names
• skaplun/lj-611-always-snapshot-functions-for-non-base-frames
• skaplun/lj-737-snap-usedef-upvalues
• skaplun/lj-783-fix-fold-x-0
• skaplun/lj-784-cse-ref-base-over-retf
• skaplun/lj-788-limit-exponents-range
• skaplun/lj-791-fold-bufhdr-append
• skaplun/lj-792-hrefk-table-clear
• skaplun/lj-794-abc-fold-constants
• skaplun/lj-833-fold-conv-from-num
• skaplun/lj-859-math-ceil-sign
• skaplun/lj-861-1005-ffi-fixes
• skaplun/lj-9-pow-inconsistencies
• skaplun/lj-903-arm64-unused-number-sload-typecheck
• skaplun/lj-917-arm64-sload-typecheck-conversion
• skaplun/lj-918-fma-optimization
• skaplun/lj-928-1193-sanitizer-fixes
• skaplun/lj-980-load-fwd-after-table-rehash
• skaplun/lj-994-instable-pri-types
• skaplun/lj-994-load-fwd-instable-types-tdup
• skaplun/lj-noticket-err-concat-oom
• skaplun/lj-noticket-fix-slots-overflow-for-varg-record
• skaplun/lj-noticket-test-cat-fix
• skaplun/shrink-test-env
• skaplun/tarantool-integration-branch-revision
• skaplun/test-integrational-ci-3.2
• tarantool/archive/2.10
• tarantool/archive/3.0
• tarantool/archive/3.1
• tarantool/master
• tarantool/release/2.10
• tarantool/release/2.11
• tarantool/release/3.0
• tarantool/release/3.1
• tarantool/release/3.2
• tarantool/release/3.3
• tarantool/release/3.4
• tarantool/release/3.5

Build # 17612291753

Build Type

push

github

Committed by Buristan

Commit Message

Avoid out-of-range PC for stack overflow error from snapshot restore.

Reported by Sergey Kaplun.

(cherry picked from commit e3fa3c48d)

In case when the saved PC in the snapshot is the first (0th index) PC in
the prototype like JFUNC*, the subtraction to determine the previous PC
in the `debug_framepc()` overflows and contains `NO_BCPOS` value. After
that, the pos is greater than sizebc. Hence, the code below may
interpret the bits in `pt->varinfo` like `bc_isret()` and assign an
invalid value to `pos` to be returned. Further, it may lead to the
assertion failure in the lj_debug_frameline().

This patch fixes it by pretending that this means the first non-header
bytecode in the prototype. Also, this patch removes the skipcond
introduced in the commit a74e5be07
("test: conditionally disable flaky lj-1196"). The new test isn't added
since the assertion failure depends on the specific memory address of
the `varinfo`, so it is too hard to create a stable reproducer.

Sergey Kaplun:
* added the description for the problem

Part of tarantool/tarantool#11691

Run Details

5714 of 6047 branches covered (94.49%)

Branch coverage included in aggregate %.

21804 of 23509 relevant lines covered (92.75%)

3872934.8 hits per line